Latest news of the domain name industry

Recent Posts

It’s official: new gTLDs didn’t kill anyone

Kevin Murphy, December 2, 2015, Domain Tech

The introduction of new gTLDs posed no risk to human life.

That’s the conclusion of JAS Advisors, the consulting company that has been working with ICANN on the issue of DNS name collisions.

It is final report “Mitigating the Risk of DNS Namespace Collisions”, published last night, JAS described the response to the “controlled interruption” mechanism it designed as “annoyed but understanding and generally positive”.

New text added since the July first draft says: “ICANN has received fewer than 30 reports of disruptive collisions since the first delegation in October of 2013. None of these reports have reached the threshold of presenting a danger to human life.”

That’s a reference to Verisign’s June 2013 claim that name collisions could disrupt “life-supporting” systems such as those used by emergency response services.

Names collisions, you will recall, are scenarios in which a newly delegated TLD matches a string that it is already used widely on internal networks.

Such scenarios could (and have) led to problems such as system failure and DNS queries leaking on to the internet.

The applied-for gTLDs .corp and .home have been effectively banned, due to the vast numbers of organizations already using them.

All other gTLDs were obliged, following JAS recommendations, to redirect all non-existent domains to 127.0.53.53, an IP address chosen to put network administrators in mind of port 53, which is used by the DNS protocol.

As we reported a little over a year ago, many administrators responded swearily to some of the first collisions.

JAS says in its final report:

Over the past year, JAS has monitored technical support/discussion fora in search of posts related to controlled interruption and DNS namespace collisions. As expected, controlled interruption caused some instances of limited operational issues as collision circumstances were encountered with new gTLD delegations. While some system administrators expressed frustration at the difficulties, overall it appears that controlled interruption in many cases is having the hoped-for outcome. Additionally, in private communication with a number of firms impacted by controlled interruption, JAS would characterize the overall response as “annoyed but understanding and generally positive” – some even expressed appreciation as issues unknown to them were brought to their attention.

There are a number of other substantial additions to the report, largely focusing on types of use cases JAS believes are responsible for most name collision traffic.

Oftentimes, such as the random 10-character domains Google’s Chrome browser uses for configuration purposes, the collision has no ill effect. In other cases, the local system administrators were forced to remedy their software to avoid the collision.

The report also reveals that the domain name corp.com, which is owned by long-time ICANN volunteer Mikey O’Connor, receives a “staggering” 30 DNS queries every second.

That works out to almost a billion (946,728,000) queries per year, coming when a misconfigured system or inexperienced user attempts to visit a .corp domain name.

ICANN Compliance probing Hunger Games domain

ICANN’s Compliance department is looking into whether Donuts broke the rules by activating a domain name for the forthcoming The Hunger Games movie.

Following up from the story we posted earlier today, ICANN sent DI the following statement:

We are well aware of this issue and are addressing it through our normal compliance resolution process. We attempt to resolve compliance matters through a collaborative informal resolution process, and we do not comment on what happens during the informal resolution phase.

At issue is whether Donuts allowed the movie’s marketers to launch thehungergames.movie before the new gTLD’s mandatory 90-day “controlled interruption” phase was over.

Under a strict reading of the CI rules, there’s something like 10 to 12 days left before Donuts is supposed to be allowed to activate any .movie domain except nic.movie.

Donuts provided the following statement:

This is a significant step forward in the mainstream usage of new domains. One of the core values of the new gTLD program is the promotion of consumer choice and competition, and Donuts welcomes this contribution to the program’s success, and to the promotion of the film. We don’t publicly discuss specific matters related to ICANN compliance.

I imagine what happened here is that Donuts got an opportunity to score an anchor tenant with huge visibility and decided to grasp it with both hands, even though distributor Lion’s Gate Entertainment’s (likely immovable) launch campaign schedule did not exactly chime with its own.

It may be a technical breach of the ICANN rules on name collisions — which many regard as over-cautious and largely unnecessary — but it’s not a security or stability risk.

Of course, some would say it also sets a precedent for other registries to bend the rules if they score big-brand backing in future.

Is The Hunger Games’ new .movie domain illegal?

Donuts may have launched its best new gTLD anchor tenant in violation of ICANN rules.

The company revealed earlier this week that The Hunger Games movies are using thehungergames.movie to promote the fourth and final installment of the wildly successful “trilogy”.

The domain name even features in the trailer for the film, which currently has over 1.7 million YouTube views.

But it has been claimed that Donuts activated the domain in the DNS two weeks before it was allowed to under its ICANN registry contract.

It boils down to “controlled interruption”, the controversial mechanism by which registries mitigate the risk of potentially harmful name collisions in the DNS.

Under ICANN’s rules for CI, for 90 days registries have to implement a wildcard in their zone file that redirects all domains other than nic.[tld] to 127.0.53.53 and your-dns-needs-immediate-attention.[tld].

“The Registry Operator must not activate any other names under the TLD until after the 90-day controlled interruption period has been completed,” the rules say, in bold text.

Donuts’ .movie was delegated on or around March 26, which means when thehungergames.movie was activated there were still about two weeks left on the .movie CI clock.

As far as I can tell from reading ICANN documentation on CI, there are no carve-outs for anchor tenants.

The .movie zone file has five other domains related to The Hunger Games in it — the only names other than nic.movie — but they don’t seem to resolve.

There’s no actual security or stability risk here, of course.

If .movie had used the old method of blocking a predefined list of identified name collisions, thehungergames.movie would not have even been affected — it’s not on .movie’s list of collisions.

However, if ICANN decides rules have been broken and Donuts is forced to deactivate the domain, it would be a painfully embarrassing moment for the new gTLD industry.

It can perhaps be hoped that ICANN’s process of investigating such things takes about two weeks to carry out.

I’ve contacted Donuts for comment and will provide an update if and when I receive any additional information.

Where to find new gTLD dropping domain lists

Kevin Murphy, November 20, 2014, Domain Registries

With hundreds of thousands of currently blocked new gTLD domain names about to hit the market, many without premium pricing, some domain investors have been wondering where they can get hold of the lists of soon-to-be available names.

Fortunately, ICANN freely publishes several lists that could prove useful.

As we’ve been reporting this week, names that were previously reserved by new gTLD registries due to name collisions have started to become unblocked, as mandatory 90-day “controlled interruption” phases start to expire.

By definition, a name collision domain has received traffic in the past.

A CSV file containing a list of all domain names currently subject to CI can be downloaded from ICANN here.

Be warned, it’s a 68MB file with millions and millions of lines — your spreadsheet software may not be able to open it. It also changes regularly, so it could get bigger as more new gTLDs begin their CI programs.

The file shows the TLD, the second-level string, the date it went into CI and the number of days it has remained in that status. When the last number hits 90, the block is due to be lifted.

A second CSV file contains all the domains that have completed CI. Find it here. It’s currently almost 7MB, but it’s going to get a lot bigger rather quickly as domains move from one list to the other.

That file shows the TLD, the SLD, the date CI started and the day it ended.

Every domain name in that list is no longer subject to a mandatory ICANN block, but that doesn’t necessarily mean that the registry has unblocked it in practice. Some registries are planning to keep hold of the newly available domains and release them in batches at a later date.

Some gTLDs have chosen to wildcard their zones rather than implement a CI response on each individual name collision. In those cases, individual domain names will not show up in the current collisions file. Instead, you’ll see an asterisk.

In those cases, you can find a list of all of each gTLD’s name collisions in separate CSV files accompanying each TLD’s ICANN contract. The contracts can be found here. Click through to the TLD you’re interested in and download the “List of SLDs to Block” file.

Note that there’s a lot of absolute garbage domains in these files. The name collisions program ain’t pretty.

Millions of new gTLD domains to be released as collision blocks end

Kevin Murphy, November 17, 2014, Domain Registries

Millions of new gTLD domain names are set to start being released, as ICANN-mandated name collision blocks start getting lifted.

Starting yesterday, domains that have been blocked from registration due to name collisions can now be released by the registries.

About 95,000 names in gTLDs such as .nyc, .tattoo, .webcam and .wang have already ended their mandatory “controlled interruption” period and hundreds of thousands more are expected to be unblocked on a weekly basis over the coming months (and years).

Want to register sex.nyc, poker.bid or garage.capetown? That may soon be possible. Those names, along with hundreds of other non-gibberish domains, are no longer subject to mandatory blocks.

Roughly 45 new gTLDs have ended their CI periods over the last two days. Here are the Latin-script ones:

.bid, .buzz, .cancerresearch, .capetown, .caravan, .cologne, .cymru, .durban, .gent, .jetzt, .joburg, .koeln, .krd, .kred, .lacaixa, .nrw, .nyc, .praxi, .qpon, .quebec, .ren, .ruhr, .saarland, .wang, .webcam, .whoswho, .wtc, .citic, .juegos, .luxury, .menu, .monash, .physio, .reise, .tattoo, .tirol, .versicherung, .vlaanderen and .voting

Another half dozen or so non-Latin script gTLDs have also finished with CI.

There are over 17,500 newly unblocked names in .nyc alone. Over the whole new gTLD program, over 9.8 million name collisions are to be temporarily blocked.

Name collisions are domains in new gTLDs that were already receiving DNS root traffic well before the gTLD was delegated, suggesting that they may be in use on internal networks.

To avoid possible harm from collisions, ICANN forced registries to make these names unavailable for registration and to resolve to the deliberately non-functional and odd-looking IP address 127.0.53.53.

Each affected name had to be treated in this way for 90 days. The first TLDs started implementing CI on August 18, so the first batch of registries ended their programs yesterday.

So, will every domain that was on a registry’s collision list be available to buy right away?

No.

ICANN hasn’t told registries that they must release names as soon as their CI period is over, so it appears to be at the registries’ discretion when the names are released. I gather some intend to do so as soon as today.

Also, any name that was blocked due to a collision and also appears in the Trademark Clearinghouse will have to remain blocked until it has been subject to a Sunrise period.

Some registries, such as Donuts, have already made their collision names available (but not activated in the DNS) under their original Sunrise periods so will be able to release unclaimed names at the same time as all the rest.

Other registries will have to talk to ICANN about a secondary sunrise period, to give trademark holders their first chance to grab the previously blocked names.

Furthermore, domains that the registry planned to reserved as “premiums” will continue to be reserved as premiums.

  • Page 1 of 2
  • 1
  • 2
  • >